If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Have you ever lost or forgotten a user password?

Have you ever lost or forgotten a user password? Several tools are available that can help you in those situations, including Peter Nordahl's Offline NT Password & Registry Editor tool (see the first URL below). Nordahl's tool is available in the form of a floppy boot disk image, which contains a single-floppy version of the Linux OS along with software that resets any valid user's password. The tool works on systems that have Syskey enabled--a nice touch--and you can also use the tool to disable Syskey. If you prefer to use a CD-ROM-based boot image, DMZ Services offers one that contains a mini-Linux boot image and Nordahl's password recovery software (second URL below). DMZ Services offers a shell script that can create the bootable International organization for Standardization (ISO)-based image and offers an ISO-based file (.iso) that you can burn directly onto a CD-RW using standard CD-RW burning software.

I promised my self to not write anything down since I have a vacation, but this thread was so tempting that I had to make a post again. And I'm sorry if you got red points for your post in this thread.

I have never denied that NT boot disk can reset passwords and be of great help. But almost no tool is that good that you would use it if you did not have to, and the tool I mentioned above is such a tool. It's still a beta or maybe even a alpha since their NTFS driver not is perfect.

I would not use NT rescue disk either if I did not have to.

Originally posted by shkuey

I prefer intelligent discussion over trying to make a point with antipoints, but whatever floats your boat. I'll just let microsoft prove you wrong on this one.

Microsoft's site is terrible, hard to find anything, but this page makes reference to the fact that their disk can reset passwords.

And now back to NT rescue disk, as I stated it's possible to restore password with it but you have to make a pair of rescue disks of every workstation since the rescue disks are "personal" and do only work on the computer you made them on (correct me if I'm wrong on this one). You also have to put them away in a wault or similiar since it's aint good to have the disks were everyone can use them.. We are talking security, yes?

Anyway.. My posting was not to show you the perfect tool, and this tool is nice and scary at the same time.. With a bootable CD and SSH client at the CD together with all other tools this could be a nightmare for the administrator of a big network aswell as a minor company dealing with sensitive information.

Now have I to take vacation for a few days, hope you all can sleep well tonight

You're correct, the bootdisks only work on the system that created them, or systems that were created via image(thus having the same security identifier). It's not an incredible security risk if somebody else were to use the disk, since it resets the password to something chosen beforehand and not whatever the user wishes (Not that you want people resetting your passwords either way).

I agree, I would not use a windows recovery disk unless it was absolutely neccisary.

Originally posted by shkuey I guess it's not common knowledge that NT can create such bootdisks on it's own.

Hmmmm shoot me for being stupid but I wasn't aware the erd could reset passwords. I read the article and I couldn't find the reference you talked about(Am I blind as well as stupid lol). I have used this tool here :

Under the section "Other Handy Uses For An Emergency Repair Disk" it states:

An up-to-date ERD will also prevent gray hairs when you need to reset the password to a previously used one. It can save you many hours you might otherwise spend reinstalling Windows NT and the associated programs on the workstation being recreated.

It lacks details, but like I said, I can't find the details on microsoft's abysmal website. Basically these disks back up the registry, which stores previously used passwords (NT 4 remembers the last 3 by default, I think), and by restoring appropriate keys you can reset the password. It is not user friendly at all.

I do concede that third party software is probably far more flexible to handle these things.